multipaz/org.multipaz.device

Package-level declarations

Types

AndroidKeystoreSecurityLevel

enum AndroidKeystoreSecurityLevel : Enum<AndroidKeystoreSecurityLevel>

sealed class Assertion

An open-ended statement that can be wrapped in DeviceAssertion.

AssertionBindingKeys

data class AssertionBindingKeys(val publicKeys: List<EcPublicKey>, val nonce: ByteString, val clientId: String, val keyStorage: List<String>, val userAuthentication: List<String>, val issuedAt: Instant, val expiration: Instant? = null) : Assertion

Asserts that the given list of public keys corresponds to the freshly-minted private keys on the device with the given properties.

AssertionGenericCbor

class AssertionGenericCbor(val data: DataItem) : Assertion

General-purpose Assertion that contains arbitrary Cbor data.

class AssertionNonce(val nonce: ByteString) : Assertion

Asserts that the device has access to the opaque private key in DeviceAttestation by signing server-supplied nonce.

AssertionPoPKey

data class AssertionPoPKey(val publicKey: EcPublicKey, val targetUrl: String) : Assertion

Asserts that the device possesses private key for the given public key publicKey.

AssertionRpcAuth

class AssertionRpcAuth(val target: String, val method: String, val nonce: ByteString, val timestamp: Instant, val clientId: String, val payloadHash: ByteString) : Assertion

A subclass of Assertion that authorizes a single RPC call.

DeviceAssertion

data class DeviceAssertion(val assertionData: ByteString, val platformAssertion: ByteString)

Assertion and additional data that can be used to validate the statement in the assertion.

DeviceAssertionException

class DeviceAssertionException(message: String, cause: Throwable? = null) : Exception

Exception thrown when DeviceAssertion validation fails.

DeviceAssertionMaker

fun interface DeviceAssertionMaker

DeviceAttestation

sealed class DeviceAttestation

A platform-issued statement vouching for the integrity of the wallet app.

DeviceAttestationAndroid

data class DeviceAttestationAndroid(val certificateChain: X509CertChain) : DeviceAttestation

On Android we create a private key in secure area and use its key attestation as the device attestation.

DeviceAttestationException

class DeviceAttestationException(message: String, cause: Throwable? = null) : Exception

Exception thrown when DeviceAttestation validation fails.

DeviceAttestationIos

data class DeviceAttestationIos(val blob: ByteString) : DeviceAttestation

On iOS device attestation is the result of Apple's DeviceCheck API.

DeviceAttestationJvm

class DeviceAttestationJvm : DeviceAttestation

Plain JVM does not have a way to generate a device attestation.

DeviceAttestationResult

data class DeviceAttestationResult(val deviceAttestationId: String, val deviceAttestation: DeviceAttestation)

DeviceAttestationValidationData

data class DeviceAttestationValidationData(val attestationChallenge: ByteString, val iosReleaseBuild: Boolean, val iosAppIdentifiers: Set<String>, val androidGmsAttestation: Boolean, val androidVerifiedBootGreen: Boolean, val androidRequiredKeyMintSecurityLevel: AndroidKeystoreSecurityLevel, val androidAppSignatureCertificateDigests: Set<ByteString>, val androidAppPackageNames: Set<String>)

Data necessary to validate a DeviceAttestation object.

actual object DeviceCheck

Generates statements validating device/app/OS integrity. Details of these statements are inherently platform-specific.

expect object DeviceCheck

Generates statements validating device/OS/app integrity. Details of these statements are inherently platform-specific.

actual object DeviceCheck

actual object DeviceCheck

Generates statements validating device/app/OS integrity. Details of these statements are inherently platform-specific.

actual object DeviceCheck

Properties

Assertion_cborSchemaId

val Assertion_cborSchemaId: ByteString

AssertionBindingKeys_cborSchemaId

val AssertionBindingKeys_cborSchemaId: ByteString

AssertionGenericCbor_cborSchemaId

val AssertionGenericCbor_cborSchemaId: ByteString

AssertionNonce_cborSchemaId

val AssertionNonce_cborSchemaId: ByteString

AssertionPoPKey_cborSchemaId

val AssertionPoPKey_cborSchemaId: ByteString

AssertionRpcAuth_cborSchemaId

val AssertionRpcAuth_cborSchemaId: ByteString

val Assertion.Companion.cborSchemaId: ByteString

val DeviceAssertion.Companion.cborSchemaId: ByteString

val DeviceAttestation.Companion.cborSchemaId: ByteString

val DeviceAttestationIos.Companion.cborSchemaId: ByteString

DeviceAssertion_cborSchemaId

val DeviceAssertion_cborSchemaId: ByteString

DeviceAttestation_cborSchemaId

val DeviceAttestation_cborSchemaId: ByteString

DeviceAttestationAndroid_cborSchemaId

val DeviceAttestationAndroid_cborSchemaId: ByteString

DeviceAttestationIos_cborSchemaId

val DeviceAttestationIos_cborSchemaId: ByteString

DeviceAttestationJvm_cborSchemaId

val DeviceAttestationJvm_cborSchemaId: ByteString

Functions

AssertionBindingKeys_fromDataItem

fun AssertionBindingKeys_fromDataItem(dataItem: DataItem): AssertionBindingKeys

AssertionGenericCbor_fromDataItem

fun AssertionGenericCbor_fromDataItem(dataItem: DataItem): AssertionGenericCbor

AssertionNonce_fromDataItem

fun AssertionNonce_fromDataItem(dataItem: DataItem): AssertionNonce

AssertionPoPKey_fromDataItem

fun AssertionPoPKey_fromDataItem(dataItem: DataItem): AssertionPoPKey

AssertionRpcAuth_fromDataItem

fun AssertionRpcAuth_fromDataItem(dataItem: DataItem): AssertionRpcAuth

DeviceAttestationAndroid_fromDataItem

fun DeviceAttestationAndroid_fromDataItem(dataItem: DataItem): DeviceAttestationAndroid

DeviceAttestationJvm_fromDataItem

fun DeviceAttestationJvm_fromDataItem(dataItem: DataItem): DeviceAttestationJvm

fun Assertion.Companion.fromCbor(data: ByteArray): Assertion

fun DeviceAssertion.Companion.fromCbor(data: ByteArray): DeviceAssertion

fun DeviceAttestation.Companion.fromCbor(data: ByteArray): DeviceAttestation

fun DeviceAttestationIos.Companion.fromCbor(data: ByteArray): DeviceAttestationIos

fun Assertion.Companion.fromDataItem(dataItem: DataItem): Assertion

fun DeviceAssertion.Companion.fromDataItem(dataItem: DataItem): DeviceAssertion

fun DeviceAttestation.Companion.fromDataItem(dataItem: DataItem): DeviceAttestation

fun DeviceAttestationIos.Companion.fromDataItem(dataItem: DataItem): DeviceAttestationIos

fun Assertion.toCbor(): ByteArray

fun AssertionBindingKeys.toCbor(): ByteArray

fun AssertionGenericCbor.toCbor(): ByteArray

fun AssertionNonce.toCbor(): ByteArray

fun AssertionPoPKey.toCbor(): ByteArray

fun AssertionRpcAuth.toCbor(): ByteArray

fun DeviceAssertion.toCbor(): ByteArray

fun DeviceAttestation.toCbor(): ByteArray

fun DeviceAttestationAndroid.toCbor(): ByteArray

fun DeviceAttestationIos.toCbor(): ByteArray

fun DeviceAttestationJvm.toCbor(): ByteArray

fun Assertion.toDataItem(): DataItem

fun AssertionBindingKeys.toDataItem(): DataItem

fun AssertionGenericCbor.toDataItem(): DataItem

fun AssertionNonce.toDataItem(): DataItem

fun AssertionPoPKey.toDataItem(): DataItem

fun AssertionRpcAuth.toDataItem(): DataItem

fun DeviceAssertion.toDataItem(): DataItem

fun DeviceAttestation.toDataItem(): DataItem

fun DeviceAttestationAndroid.toDataItem(): DataItem

fun DeviceAttestationIos.toDataItem(): DataItem

fun DeviceAttestationJvm.toDataItem(): DataItem